Economic Services Administration 060 - PL - FZ - CRITICAL SYSTEM RISK MITIGATION

Agency Submittal: 21-2018 Suppl Agency Req Budget Period: 2017-19

REQUEST

The Department of Social and Health Services (DSHS) Economic Services Administration (ESA) requests $1,644,000 ($1,167,000 GF-State) and 4.5 FTEs to begin a multiyear modernization of Barcode, a 20 year old system developed by ESA. Barcode is used daily by multiple state agencies. This project will maintain future viability, better comply with modern security standards, and continue to provide support to over 6,000 end-users in DSHS, the Health Care Authority (HCA), and the Department of Early Learning (DEL)/Department of Children, Youth, and Families (DCYF) who provide services to vulnerable citizens in Washington State.

PROBLEM STATEMENT

ESA must plan for the future viability of Barcode, and its subsystems. Among other tasks, Barcode is used daily to manage documents, workflow, case management, fair hearings, and determine child care eligibility and authorizations. Electronic Benefit Transfer (EBT) benefit delivery is also supported in Barcode as staff authorize, issue, and track EBT cards and transaction history through this system. With a similar user base as the Automated Client Eligibility System (ACES) Complex of Applications, Barcode has over 6,000 users in DSHS, the Health Care Authority (HCA), and the Department of Early Learning (DEL)/Department of Children, Youth, and Families (DCYF). Technology changes constantly and as it evolves, support for older, legacy systems becomes harder to find, resulting in an inability to evolve business functionality as quickly as desired, or in some cases, at all. Barcode is a mission critical system, written in a minimally vendor-supported, outdated technology with the following issues:

The current platform achieves compliance with federal, state, and agency security standards by requiring additional layers of compensating controls. This is not desirable and requires increasing maintenance and scrutiny as digital threats increase and evolve.

Barcode has limited interoperability with other systems which creates additional overhead for those systems to retrieve necessary information from Barcode and fully leverage Barcode capabilities.

It is difficult to find developers trained in the application development tool/language used to develop Barcode (Prolifics Panther). As current developers leave, it is nearly impossible to find a replacement skill set as the existing technology is old and no longer widely used.

In order to position Barcode to meet the current and future business and technology needs of its stakeholders; to increase interoperability between systems and; to comply with security and architecture standards, it is essential to move to a secure, supported platform as soon as possible.

060 - PL - FZ - Critical System Risk Mitigation

PROPOSED SOLUTION

ESA is planning a multi-year project beginning in Fiscal Year (FY) 2019 to migrate Barcode to a web-based platform, while updating system architecture to align with existing department technology and standards and move to supported technology. To effectively migrate with minimal/no disruption to end users, a phased approach was developed. The diagram below is a visual depiction of the functionality provided by the Barcode system, grouped by both system dependencies and business prioritization. It will be used to break the project into various stages.

Timeline:

Completion of Business Areas 1 and 2 (migration of core document management and workflow functionality) will enable the majority of line staff users to perform all of their work functions in the new platform. This is expected to be completed by 1/1/21.

060 - PL - FZ - Critical System Risk Mitigation

Completion of Business Areas 3 and 4 (migration of child care eligibility and authorization, and case management functionality) will enable the remaining line staff to work in the new platform. This is expected to be completed by 1/1/23.

The remaining work and migration of remaining functionality encompassed in Business Area 5 will be

accomplished in the final six months. Business Area 5 contains less frequently used functionality such as

exception to rule processing and miscellaneous reporting. This is expected to be completed by 6/30/23.

EXPECTED RESULTS

At the end of the project period, Barcode will be operating on a secure and sustainable web-based platform that meets DSHS standards, continuing to serve staff across DSHS, DEL/DCYF, and HCA. Modernization is identified in the ESA Strategic Plan to support staff, customers and business most effectively, and supports the following ESA Strategic Objectives:

Access to Basic Food assistance;

Increasing the percentage of CSD clients receiving timely services;

Increasing security of customer information; and

Improving systems architecture in support of ESA business needs Modernizing Barcode achieves the State IT strategic objectives of:

Providing a more consistent and responsive user experience;

Compliance with Federal, State, and Department security standards;

Compliance with the Federal Enterprise Architecture Framework (FEAF) and DSHS architecture, and Additional functionality and interoperability with other agency systems

STAKEHOLDER IMPACT All of Barcode’s stakeholders are in strong support of modernization. There is no known opposition. Agency Contact: Wendy Polzin, (360) 902-8067 Program Contact: Jie Tang, (360) 725-4509

OTHER CONNECTIONS

Performance Outcomes/Important Connections 1. Does this DP provide essential support to one or more of the Governor’s Results Washington priorities?

Goal 5: Efficient, Effective & Accountable Government - Customer Satisfaction and Confidence - 1.1 Increase

customer services.

2. Identify other important connections or impacts below. (Indicate ‘Yes’ or ‘No’. If ‘Yes’ identify the connections or

impacts related to the proposal.)

060 - PL - FZ - Critical System Risk Mitigation

a) Regional/County impacts? No b) Other local government impacts? No c) Tribal government impacts? No d) Other state agency impacts? No e) Responds to specific task force, report, mandate or executive order? No f) Does request contain a compensation change or require changes to a Collective Bargaining Agreement? No

g) Facility/workplace needs or impacts? Yes. Additional office space will be needed. h) Capital budget impacts? No i) Is change required to existing statutes, rules or contracts? No

j) Is the request related to litigation? No k) Is the request related to Puget Sound recovery? No l) Other important connections? No 3. Please provide a detailed discussion of connections/impacts identified above. Alternatives/Consequences/Other 4. What alternatives were explored by the agency, and why was this alternative chosen? The ESA Information Technology (IT) Solutions participated in a roadmap exercise with DSHS Enterprise Technology and engaged the services of a contractor for consultation in migration alternatives. The recommended solution was to migrate the front-end technology to a more modern platform to address existing shortfalls. The other alternative is maintaining the status quo, which is not sustainable for the reasons stated above. 5. How has or can the agency address the issue or need within its current appropriation level?

The agency does not have adequate funding to address this need within the current appropriation level. 6. Does this decision package include funding for any IT-related costs (hardware, software, services, cloud-based

services, contracts or IT staff)?

☐ No

☒ Yes (Include an IT Addendum)

Fiscal Detail 060 - PL - FZ - Critical System Risk Mitigation

Operating Expenditures FY 2018 FY 2019 FY 2020 FY 2021

001-1 General Fund-State 0 1,167,000 2,066,000 1,949,000

001-2 General Fund-Federal 0 378,000 669,000 632,000

001-C General Fund-Medicaid 0 99,000 175,000 165,000

Total Cost 0 1,644,000 2,910,000 2,746,000

Staffing FY 2018 FY 2019 FY 2020 FY 2021

FTEs 0.0 4.5 11.0 13.0

Performance Measure Detail

Incremental Changes

Activity: FY 2018 FY 2019 FY 2020 FY 2021

Program: 060

F078 Program Support

No measures submitted for package

Object Detail FY 2018 FY 2019 FY 2020 FY 2021

A Salaries and Wages 0 396,000 949,000 1,123,000

B Employee Benefits 0 144,000 333,000 394,000

E Goods and Other Services 0 1,025,000 1,450,000 1,031,000

G Travel 0 2,000 5,000 5,000

J Capital Outlays 0 27,000 66,000 78,000

P Debt Service 0 1,000 3,000 4,000

TZ Intra-agency Reimbursements 0 5,000 11,000 13,000

ED Rentals and Leases – Land and Buildings 0 44,000 93,000 98,000

Total Objects 0 1,644,000 2,910,000 2,746,000

DSHS Source Detail

Overall Funding

Operating Expenditures FY 2018 FY 2019 FY 2020 FY 2021

Fund 001-1, General Fund-State

Sources Title

0011 General Fund State 0 350,000 620,000 585,000

GFS2 General Fund State TANF Moe 0 817,000 1,446,000 1,364,000

Total for Fund 001-1 0 1,167,000 2,066,000 1,949,000

Fund 001-2, General Fund-Federal

Sources Title

E61L Food Stamp Program (50%) 0 378,000 669,000 632,000

Total for Fund 001-2 0 378,000 669,000 632,000

Fund 001-C, General Fund-Medicaid

Sources Title

19UL Title XIX Admin (50%) 0 99,000 175,000 165,000

Total for Fund 001-C 0 99,000 175,000 165,000

Total Overall Funding 0 1,644,000 2,910,000 2,746,000

2018 Supplemental IT Addendum – 060-PL-FZ Critical System Risk Mitigation

2018 Supplemental IT Addendum – 060-PL-FZ Critical System Risk Mitigation

Part 1: Itemized IT Costs Please itemize any IT-related costs, including hardware, software, services (including cloud-based services), contracts (including professional services, quality assurance, and independent verification and validation), or IT staff. Be as specific as you can. (See chapter 12.1 of the operating budget instructions for guidance on what counts as “IT-related costs”)

Information Technology Items in this DP

(insert rows as required) FY 2018 FY 2019 FY 2020 FY 2021

IT6 Architect (new) 80,000 149,000 149,000

ITS5 Development (new) 275,000 826,000 1,101,000

ITS5 Business Analyst (new) 275,000 275,000 275,000

ITS4 Test (new) 255,000 255,000

Contract Staff – PM (new) 363,000 363,000 363,000

Contract Staff – Web Architect Consultant – expert (new)

357,000 357,000

Contract Staff – UI Web Designer Consultant – senior (new)

77,000

Contract Staff – QA (new) 167,000 345,000 345,000

Contract Staff – IV&V (new) 173,000 173,000

Hardware – Dedicated host for virtual servers, includes DR

40,000

Software Licenses 31,000 25,000 28,000

Training 40,000 40,000 40,000

Travel 1,000 1,000 1,000

Facilities 15,000 24,000 16,000

Total Cost 1,644,000 2,910,000 2,746,000

Part 2: Identifying IT Projects If the investment proposed in the decision package is the development or acquisition of an IT project/system, or is an enhancement to or modification of an existing IT project/system, it will also be reviewed and ranked by the OCIO as required by RCW 43.88.092. The answers to the three questions below will help OFM and the OCIO determine whether this decision package is, or enhances/modifies, an IT project:

1. Does this decision package fund the development or acquisition of a ☒Yes ☐ No new or enhanced software or hardware system or service?

2. Does this decision package fund the acquisition or enhancements ☐Yes ☒ No of any agency data centers? (See OCIO Policy 184 for definition.)

2018 Supplemental IT Addendum – 060-PL-FZ Critical System Risk Mitigation

3. Does this decision package fund the continuation of a project that ☐Yes ☒ No is, or will be, under OCIO oversight? (See OCIO Policy 121.)

If you answered “yes” to any of these questions, you must complete a concept review with the OCIO before submitting your budget request. Refer to chapter 12.2 of the operating budget instructions for more information.